How Do I...? Common Tasks QuickStart Tutorial

How Do I...Create an assembly with a strong name?

Assemblies can be assigned a cryptographic signature, called a strong name, which provides name uniqueness for the assembly and prevents someone from taking over the name of your assembly (name spoofing). If you are deploying an assembly that will be shared among many applications on the same machine, it must have a strong name. Even if you only use the assembly within your application, using a strong name ensures that the correct version of the assembly gets loaded

The first step in building an assembly with a strong name is to obtain a cryptographic key pair.
The .NET Framework SDK includes a Strong Name tool (Sn.exe) that can be used to generate a key pair. The key pair that is generated by the Strong Name tool can be kept in a file or you can store it in your local machine's Cryptographic Service Provider (CSP). The following command uses the Strong Name tool to generate a new key pair and store it in a file called TestKey.snk:

sn -k Testkey.snk

Once you have obtained the key pair, you need to add the proper custom attribute to your source in order for the compiler to emit the assembly with a strong name. Choosing the correct attribute depends on whether the key pair used for the signing is contained in a file or in a key container within the CSP. For keys stored in a file, use System.Reflection.AssemblyKeyFileAttribute. For keys stored in the CSP use
System.Reflection.AssemblyKeyNameAttribute.

The following example uses AssemblyKeyFileAttribute to specify the name of the file containing the key pair. In Visual Basic, the assembly level attributes must be the first statements in the file.

using System;
using System.Reflection;
[assembly:AssemblyKeyFileAttribute("TestKey.snk")]

C#

You can also choose to delay sign your assembly. This means that the
space for the signature is reserved in the PE file, but the signing itself is
not done until later. This approach is typically used if you do not have
access to the private key you need to generate the strong name.

The makefile included with this sample uses the Strong Name Tool to generate a key pair,
then builds a strong-named assembly with C# or Visual Basic. If you look at the assembly with MSIL Disassembler (Ildasm.exe) after the build is complete, you can
see the public key as part of the assembly's identity in the manifest. The signature
itself is stored elsewhere in the PE file. You do not need to use the Strong Name tools to generate a new key-pair for each build. Since the public key is part of the assembly's name, you can generate one key-pair and never change it for the lifetime of the assembly.

Example

VB Strong Names

[This sample can be found at C:\DevFusion.Data\legacy\quickstart.developerfusion.co.uk\QuickStart\howto\samples\assemblies\sharedname\]

For more information regarding strong names, see the topic "Working with Strongly-Named Assemblies" in the core SDK documentation.